[Owasp-antisamy] disable encoding

Frank Pedroza frank.pedroza at gmail.com
Wed Apr 29 16:34:40 EDT 2009


This seems like something that should have already been asked, but maybe not
because I don't see it in the mailing archives.

Is it possible to disable the html encoding?  Specifically, I'm doing the
following:

----------------------------------------------------------------
CleanResults results = antisamy.scan(html);  // antisamy is an AntiSamy
instance I've initialized with a policy file

String cleanHtml = results.getCleanHTML();

if (html.equalsIgnoreCase(cleanHtml) == false) {
  // user input is not valid
}
else if (results.getErrorMessages().isEmpty() == false) {
  // user input is invalid
}
----------------------------------------------------------------

My test input is '1 < 2' and is getting translated into '1 &lt; 2'.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-antisamy/attachments/20090429/c8dda5c1/attachment.html 


More information about the Owasp-antisamy mailing list